fix

public/api/login.js

@@ -0,0 +1,105 @@
+const express = require('express');
+const mysql = require('mysql2/promise');
+const router = express.Router();
+const crypto = require('crypto-js');
+require('dotenv').config();
+
+// Create connection pool to MySQL database
+const pool = mysql.createPool({
+  host: process.env.DATABASE_HOST || 'localhost',
+  user: process.env.DATABASE_USER || 'root',
+  password: process.env.DATABASE_PASSWORD || '',
+  database: process.env.DATABASE_NAME || 'deployer',
+  waitForConnections: true,
+  connectionLimit: 10,
+  queueLimit: 0,
+});
+
+// Generate a secure token
+const generateToken = (length = 64) => {
+  const characters = 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789';
+  let token = '';
+  for (let i = 0; i < length; i++) {
+    token += characters.charAt(Math.floor(Math.random() * characters.length));
+  }
+  return token;
+};
+
+/**
+ * Login endpoint to authenticate users against the database
+ */
+router.post('/', async (req, res) => {
+  const { email, password } = req.body;
+
+  // Basic validation
+  if (!email || !password) {
+    return res.status(400).json({
+      success: false,
+      error: 'Email and password are required'
+    });
+  }
+
+  try {
+    // Query database for user with matching email
+    const [rows] = await pool.query(
+      'SELECT * FROM User WHERE email = ?',
+      [email]
+    );
+
+    // Check if user exists
+    if (rows.length === 0) {
+      return res.status(401).json({
+        success: false,
+        error: 'User not found'
+      });
+    }
+
+    const user = rows[0];
+
+    // Check if user is active
+    if (!user.active) {
+      return res.status(401).json({
+        success: false,
+        error: 'Account is inactive'
+      });
+    }
+
+    // Verify password (compare hashed passwords)
+    if (user.password !== password) {
+      return res.status(401).json({
+        success: false,
+        error: 'Invalid credentials'
+      });
+    }
+
+    // Generate token
+    const token = generateToken();
+
+    // Update last login timestamp
+    await pool.query(
+      'UPDATE User SET lastLogin = NOW() WHERE id = ?',
+      [user.id]
+    );
+
+    // Return success with token and user info
+    return res.json({
+      success: true,
+      token,
+      user: {
+        id: user.id,
+        name: `${user.name} ${user.surname}`,
+        email: user.email,
+        role: user.role
+      }
+    });
+  }
+  catch (error) {
+    console.error('Authentication error:', error);
+    return res.status(500).json({
+      success: false,
+      error: 'Internal server error'
+    });
+  }
+});
+
+module.exports = router;

public/api/server.js

@@ -0,0 +1,34 @@
+const express = require('express');
+const cors = require('cors');
+const bodyParser = require('body-parser');
+const loginRoutes = require('./login');
+
+const app = express();
+const port = process.env.PORT || 3000;
+
+// Middleware
+app.use(cors());
+app.use(bodyParser.json());
+
+// Routes
+app.use('/api/login', loginRoutes);
+
+// Health check endpoint
+app.get('/api/health', (req, res) => {
+  res.json({ status: 'ok', timestamp: new Date() });
+});
+
+// Error handling middleware
+app.use((err, req, res, next) => {
+  console.error('API error:', err);
+  res.status(500).json({ 
+    success: false,
+    error: 'Internal server error',
+    message: process.env.NODE_ENV === 'development' ? err.message : undefined
+  });
+});
+
+// Start server
+app.listen(port, () => {
+  console.log(`API server running on port ${port}`);
+});